GitHub
commit
ed6904fa30
4 changed files with 8 additions and 93 deletions
|
|
@ -5,9 +5,9 @@
|
|||
}: {
|
||||
imports = [
|
||||
../../modules/gitea.nix
|
||||
(import ../../modules/gateway-st.nix {name = "gitea";})
|
||||
];
|
||||
services.gitea = {
|
||||
package = pkgs.forgejo;
|
||||
enable = true;
|
||||
appName = "Lotte's Git";
|
||||
cookieSecure = true;
|
||||
|
|
@ -25,11 +25,11 @@
|
|||
settings = rec {
|
||||
storage = {
|
||||
STORAGE_TYPE = "minio";
|
||||
MINIO_ENDPOINT = "localhost:7777";
|
||||
MINIO_ACCESS_KEY_ID = "gitea";
|
||||
MINIO_ENDPOINT = "s3.us-west-000.backblazeb2.com";
|
||||
MINIO_ACCESS_KEY_ID = "000decd694f9e7d0000000020";
|
||||
MINIO_SECRET_ACCESS_KEY = "#storageSecret#";
|
||||
MINIO_BUCKET = "gitea";
|
||||
MINIO_USE_SSL = "false";
|
||||
MINIO_BUCKET = "git-chir-rs";
|
||||
MINIO_USE_SSL = "true";
|
||||
};
|
||||
openid = {
|
||||
ENABLE_OPENID_SIGNIN = true;
|
||||
|
|
|
|||
|
|
@ -1,62 +0,0 @@
|
|||
{
|
||||
name,
|
||||
port ? 7777,
|
||||
}: {
|
||||
config,
|
||||
lib,
|
||||
options,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
gateway = pkgs.callPackage ../packages/gateway-st.nix {};
|
||||
in {
|
||||
systemd.services."storj-gateway@${name}" = {
|
||||
description = "storj gateway ${name}";
|
||||
after = ["network.target"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
preStart = ''
|
||||
cd $HOME
|
||||
mkdir -p ${name}
|
||||
echo -n "access: " > ${name}/config.yaml
|
||||
cat /run/secrets/services/storj/${name}/accessGrant >> ${name}/config.yaml
|
||||
echo "" >> ${name}/config.yaml
|
||||
echo -n "minio.access-key: " >> ${name}/config.yaml
|
||||
cat /run/secrets/services/storj/${name}/accessKey >> ${name}/config.yaml
|
||||
echo "" >> ${name}/config.yaml
|
||||
echo -n "minio.secret-key: " >> ${name}/config.yaml
|
||||
cat /run/secrets/services/storj/${name}/secretKey >> ${name}/config.yaml
|
||||
echo "" >> ${name}/config.yaml
|
||||
'';
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
User = "storj";
|
||||
Group = "storj";
|
||||
WorkingDirectory = "/var/lib/storj";
|
||||
ExecStart = "${gateway}/bin/gateway run --config-dir /var/lib/storj/${name} --server.address 127.0.0.1:${builtins.toString port}";
|
||||
Restart = "always";
|
||||
RuntimeDirectory = "storj";
|
||||
RuntimeDirectoryMode = "0700";
|
||||
Umask = "0077";
|
||||
ReadWritePaths = ["/var/lib/storj"]; # Grant access to the state directory
|
||||
};
|
||||
environment = {
|
||||
USER = "storj";
|
||||
HOME = "/var/lib/storj";
|
||||
};
|
||||
};
|
||||
users.users.storj = {
|
||||
description = "storj user";
|
||||
home = "/var/lib/storj";
|
||||
useDefaultShell = true;
|
||||
group = "storj";
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.storj = {};
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '/var/lib/storj' 0700 storj storj - -"
|
||||
];
|
||||
sops.secrets."services/storj/${name}/accessGrant".owner = "storj";
|
||||
sops.secrets."services/storj/${name}/accessKey".owner = "storj";
|
||||
sops.secrets."services/storj/${name}/secretKey".owner = "storj";
|
||||
}
|
||||
|
|
@ -1,18 +0,0 @@
|
|||
{
|
||||
lib,
|
||||
buildGoModule,
|
||||
fetchFromGitHub,
|
||||
}:
|
||||
buildGoModule rec {
|
||||
pname = "gateway-st";
|
||||
version = "1.6.1";
|
||||
src = fetchFromGitHub {
|
||||
owner = "storj";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0v5gh03xaqld4l017fgzp46zi0r31az6cvk7war1brl2ir33nw47";
|
||||
};
|
||||
subPackages = ["."];
|
||||
vendorSha256 = "sha256-4cqNhQK/I3oRXYuF08bTU31SFkS8Mj6MPA7W6MIaxh8=";
|
||||
doCheck = false;
|
||||
}
|
||||
|
|
@ -29,12 +29,7 @@ services:
|
|||
password: ENC[AES256_GCM,data:oBeyAHCCYeg/QsyxtB0tUmvzd5kfglY7wp56kdav5SYbwTxLdOCXegJouqPIR7Sm6viz2INDXsHlZW20Hkkkhw==,iv:8UmczITg+HY0inR+4FUh9RG4vJO/MspY+hBXRY3UNm8=,tag:4N7nZSKsEblVluTA/19OHA==,type:str]
|
||||
hydra:
|
||||
gitea_token: ENC[AES256_GCM,data:NkEXwLbofK2QnWrUuxY5QvUkYPWzY7Brsgl9FvV5Me0J5mWuHUc0Dg==,iv:UhA4JUKV/+D5lOTAx3fC+rsr61lYQJRioSyKQ3s1e0Y=,tag:E/HB2S90o7dLmeWBLsOP9w==,type:str]
|
||||
gitea: ENC[AES256_GCM,data:q6VUUg/4iGXhVndIagVxROt7jA==,iv:YrkmtANgN21U/NII+oxrNtA9lr+ns5rTGRQBk3BYAbM=,tag:EzS3IHt+MB7flL+3ip2A9g==,type:str]
|
||||
storj:
|
||||
gitea:
|
||||
accessGrant: ENC[AES256_GCM,data:iA3kg6wxgoR6Q8mtHq8Up9RH5at+Md+h0jdKvWnB+RwX9aJut+kfguQb8BFmKVN5+WL9BfCGzj+p3dgeFe9OvUcgAsVwlgEKU0nNIDOo80AIf9d6MWwt0aaLYdqX+4VB0O2XWABY24qFna1vPobfx6gWezbnnVcgoXUUaH0xNHblQn4N3RB/bzu8GtwkCJ9g6pIWkaeb3Zl0v84Kt3W3kY6A7sIsh/uIJpMKYgn1+Xz3GokQqecz5H4qFBBNwPIqLek+S6vLzjzIvLcKrylG8s1sCZ7G38XciysKt5vFi7VvDDQ612WH/Im7q1GCmyqTDjn4hND8d6/4uurtxhdlgA/pyQ3yc10murMiCnMcxCtwo2sWtsxPNOGySR2xeutqiag7lqT/K2g=,iv:eonpaegpJfgNLBh5+//fw/A7oYgIBcZHhPEtmU0w3ic=,tag:BhAQzJPAN7J9C831dBMGNw==,type:str]
|
||||
accessKey: ENC[AES256_GCM,data:GqA0EaM=,iv:IgnM9QqHovjnmtpIn2Qoli8AR91K9YPRN9DlmZKZ9bU=,tag:538oAZat3xdYyYNzD40kow==,type:str]
|
||||
secretKey: ENC[AES256_GCM,data:DnbbiP6AtpSBfAV8tsmAVeYEhw==,iv:mK/636oPZLEMoNZP1gWZJ/ADjkH8RLN93ear2ACLk8o=,tag:c5mSYyKb0vriTyHrEQC8ZQ==,type:str]
|
||||
gitea: ENC[AES256_GCM,data:4lwnfAuAn8qa+3oNKaFkOX8rQINvYW2/p+5Cd1c3FQ==,iv:KeW/72JZ9Ar5KIzH87S5LBd6RjHGK6O3SwVibCJ1mn8=,tag:Fapbl3LmJ+H5TjZTapFIQQ==,type:str]
|
||||
old-homepage: ENC[AES256_GCM,data:MYpqkUkk6y+OhaZu2VsmWocGIsTqxZN1fCk6viNYJSAdGTikK+XtBMj8KrWSwA/8wfcWth20goLvOwQuCJiSxdl86sdsUbc18/NqK52B6LS6h+Pw3GNsyAQUu+oaxfL7FtHRvViiSS8LVulKeSjL7osUPlrJVqEZfqOX4bNkPxiamOvZko1uHC+iWGY68BnAHQoEbdVNhNEUQqm2A8/vidNU4Z9VrmPXmr8nr/c+Ut+aF0iPZJGqSoxWS8+zFU6ubv/W2rA18wi8hOYPpV0=,iv:U245wbKo9e4AAGS6khhEV9lDB6y0ukAUtLMnihHC9T0=,tag:xqvUnSHuI7XeRkk4NtZZyQ==,type:str]
|
||||
postfixadmin:
|
||||
dbpassword: ENC[AES256_GCM,data:/gpfZxD2zcEUBr2VTgtkvSBSDw==,iv:HZ5Yra+T4Z0nviBwfCnVmjPorFcoGp2Z2SSrG6BzIvo=,tag:fbNw1AQ2zJWJocumT/Zjbg==,type:str]
|
||||
|
|
@ -92,8 +87,8 @@ sops:
|
|||
UDRmejBFNTVxeTF6aVFta09OS25uNXcKizOsV9EUukinCAwvpZVrk9x0aXTKQckd
|
||||
gGfdCEU0HZXhZg+ikDFzy52+vPo8+gInjscXiXr/gGn6dJoctLqQXA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-02-18T08:54:32Z"
|
||||
mac: ENC[AES256_GCM,data:gnKHNpR4mdkHvixhyb6djjlpapvsX0+9Lt2xn1W65kbz0UCioql0C3yqEjdzVkIFIENjmHE/Ua+jjTpCeDor5KMEF/mksBdNQDr6S6npdw6M2N5YBBLCqlqyr8fKKmNDwIyC8SrlYyMbOpHSiKXsLLI/OI27JHbm4MlbQCB5w5o=,iv:cTEFLTfJw3ugo0FWnFGLGoVnihXT4lMaFAiRXK1PdYo=,tag:ttPp62hcyAj0fq80GvN/rA==,type:str]
|
||||
lastmodified: "2023-03-25T19:34:07Z"
|
||||
mac: ENC[AES256_GCM,data:LygAZldFTh49Oj/uZ85cuyis/ctE4octX1dNYAdEdQjfFzRBAN9K5HdWby1NVigBaTiqkmTXNv6ohCpEhkDp6C9dAfZenqDu/s2iR6aGdwQT0uscfI9p6u19yNCVZDo6vpGRO5a7oQuyeasG30HlEHko8AEXIioqPcY3FrjV0W4=,iv:9TAIeHizW1TFGdNXbvbQ8eRJ+uHcsC8CLTsvtpyHOtk=,tag:901jQ7YEp1bLUhaA0zaO3g==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-02-18T08:54:32Z"
|
||||
enc: |
|
||||
|
|
|
|||
Loading…
Reference in a new issue